Subscribe

Meta

Judging Wariness Over Fingerprinting

Let’s say that the police in your town announced a new plan to reduce crime: All citizens must report to the police station to be fingerprinted. This way, if a crime is committed, the police will have a much easier job figuring out who did it. As an added benefit, any criminals in town worried about being caught will leave. Some wariness, or outright rage, over the proposal is to be expected. Count me among those who would actively protest such a policy.

This same wariness can be seen in response to Apple’s addition of a fingerprint scanner built into the new iPhone 5S. The fingerprint reader is part of the iconic home button. Users can now place their finger on the button for just a second and unlock their phones. No passcodes or other security measures are needed. The phone can store up to five fingerprints, and Apple has made it clear that the prints are stored locally, rather than “in the cloud,” presumably as an effort to assuage security concerns.

Nevertheless, commentators and comedians alike have jumped on the fingerprint reader and tied it to NSA surveillance. It’s evidence, they argue, that all parts of our lives are headed online, where they can be snooped on. First the NSA records all our communication; next, they will be after our fingerprints; in the end, it will be constant surveillance everywhere we go. How should we judge these concerns and their possible impact on iPhone sales?

First, we can approach the question logically. What situation does having a fingerprint stored in a phone lead to a greater likelihood of a person unjustly losing freedoms? First, we must judge the meaning of a fingerprint and contrast it with recorded communication. Communication, if intercepted, could cause incorrect suspicion to fall on someone and lead to unjustified arrest. This is just one reason why we should feel uncomfortable if all our mediated communication, both written and verbal, is being intercepted by the government. The outcome of a Kafka-esque situation seems dangerously high.

But for a fingerprint to be used, we must imagine a situation in which A) a fingerprint is found as part of a criminal investigation and B) the police don’t have the fingerprint in their database. In this case, if the NSA were to gain access to all fingerprints stored on iPhones, then the likelihood of finding a match may increase. The conditions under which this should worry us are limited because the presence of a fingerprint at the crime scene is generally a good indication that the owner of that finger should be questioned about the crime. So imagine a case where the suspect is innocent, but his fingerprint was found and matched through his iPhone. And he has no alibi nor does the evidence point to anyone else committing the crime. On this evidence, then, he is convicted. It’s a troubling outcome but too far-fetched to be a real point of worry.

Without a scenario like this, we are left with an argument against storing fingerprints based on general principle, rather than actual risk. These principles are sound ones, beginning with constitutional protection against unlawful search and seizure. But even here, the legal question is complicated by the necessity of a warrant before the fingerprint can lead to arrest. A judge still needs to decide that the evidence suggests the person be apprehended. We are left with a general wariness about storing biometric data where it can be taken by someone else.

Wariness is wise when it comes to new technology. Often, we don’t foresee problems with new tech and are left addressing them after they arise. But will wariness discourage buyers? And does the ease of fingerprint authentication have a net increase in security? Most potential buyers will not be arrested or have their fingerprints used to link them to the commission of a crime. It seems reasonable to judge that most buyers will not let this dissuade them from purchasing the new phone or from setting up this highly touted feature.

For general security, during the iPhone announcement, Apple noted that 50% of users do not use password locks on their phones. Count me among them. Having to type in a numerical password every time I want to use my phone is a waste of time. Being able to use a fingerprint instead, especially if the sensor works as well as early tests say it does, would be something I would use. The reader allows you to place your finger in any orientation and doesn’t need to have the full finger placed on the sensor to work. It is also said to get better over time. And when you unlock your phone with your finger, you don’t need to slide anything on the home screen. It’s easy to use and more secure, a win on both counts. Because I’m not worried about the potential use of this information to convict me, storing my fingerprints seems like a way to gain security rather than lose it.

A related question is to ask who will see the new feature as a reason to make a purchase they weren’t going to already. But this is separate from the criticisms of commentators and separate from issues of privacy. While this new feature might not make many people feel their existing device is vastly inferior, the APIs that Apple releases for the scanner may result in better authentication across many platforms. Rather than remembering multiple passwords and security questions, our devices could vouch for us using our fingerprint. This, in time, may make the scanner a reason to upgrade to the new device. In general, I’m excited about the new iPhone. So while I won’t pay a premium to upgrade from my iPhone 5, I look forward to having a new phone with fingerprint scanner in a year or so.